diff options
Diffstat (limited to 'wqflask')
-rw-r--r-- | wqflask/wqflask/pbkdf2.py | 4 | ||||
-rw-r--r-- | wqflask/wqflask/user_login.py | 6 |
2 files changed, 7 insertions, 3 deletions
diff --git a/wqflask/wqflask/pbkdf2.py b/wqflask/wqflask/pbkdf2.py index aea5b06c..6346df03 100644 --- a/wqflask/wqflask/pbkdf2.py +++ b/wqflask/wqflask/pbkdf2.py @@ -2,15 +2,15 @@ import hashlib from werkzeug.security import safe_str_cmp as ssc - # Replace this because it just wraps around Python3's internal # functions. Added this during migration. def pbkdf2_hex(data, salt, iterations=1000, keylen=24, hashfunc="sha1"): """Wrapper function of python's hashlib.pbkdf2_hmac. """ + dk = hashlib.pbkdf2_hmac(hashfunc, bytes(data, "utf-8"), # password - bytes(salt, "utf-8"), # salt + salt, iterations, keylen) return dk.hex() diff --git a/wqflask/wqflask/user_login.py b/wqflask/wqflask/user_login.py index bc608e84..041f1f11 100644 --- a/wqflask/wqflask/user_login.py +++ b/wqflask/wqflask/user_login.py @@ -39,8 +39,12 @@ def basic_info(): def encode_password(pass_gen_fields, unencrypted_password): + if isinstance(pass_gen_fields['salt'], bytes): + salt = pass_gen_fields['salt'] + else: + salt = bytes(pass_gen_fields['salt'], "utf-8") encrypted_password = pbkdf2.pbkdf2_hex(str(unencrypted_password), - pass_gen_fields['salt'], + salt, pass_gen_fields['iterations'], pass_gen_fields['keylength'], pass_gen_fields['hashfunc']) |